I'm planning on upgrading the OS of our primary Kerberos server, from
CentOS 5.7 to CentOS 6.5 (essentially the same as RHEL). I'll be
using the vendor-provided MIT Kerberos packages. Old version is
1.6.1-62, new version is 1.10.3-10.
We have two slave KDCs, both of them are already on the newer OS and
Kerberos versions. As far as I can tell, the slaves appear to work,
as I can disable the krb5kdc service on the primary, and nothing
breaks.
I just want to do a sanity check that I'm not overlooking any
important step. I think I can basically follow the instructions
provided here:
http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.5/doc/install.html
but with the exceptions that all the config files will be copied over
from the old install:
- /etc/krb5.conf
- /etc/krb5.keytab
- /var/kerberos/krb5kdc/kdc.conf
- /var/kerberos/krb5kdc/kadm5.acl
And obviously, instead of creating a new database, I'll re-create the
old database from a dump.
Am I missing anything? Is it safe to copy the old
/var/kerberos/krb5kdc directory wholesale?
It seems fairly straightforward, perhaps too easy, so just looking for
any words of wisdom that could save me some grief.
Thanks!
Matt
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
